Skip to main content

๐Ÿ’ผ 9.1 Microsoft Defender for Cloud

  • Contextual name: ๐Ÿ’ผ 9.1 Microsoft Defender for Cloud
  • ID: /frameworks/cis-azure-v4.0.0/09/01
  • Located in: ๐Ÿ’ผ 9 Security Services

Descriptionโ€‹

This subsection provides guidance on the use of Microsoft Defender for Cloud and associated product plans. This guidance is intended to ensure thatโ€”at a minimumโ€”the protective measures offered by these plans are being considered. Organizations may find that they have existing products or services that provide the same utility as some Microsoft Defender for Cloud products. Security and Administrative personnel need to make the determination on their organization's behalf regarding whichโ€”if anyโ€”of these recommendations are relevant to their organization's needs. In consideration of the above, and because of the potential for increased cost and complexity, please be aware that all Microsoft Defender for Cloud and associated plan recommendations are profiled as "Level 2" recommendations.

Similarโ€‹

Sub Sectionsโ€‹

SectionSub SectionsInternal RulesPoliciesFlags
๐Ÿ’ผ 9.1.1 Microsoft Cloud Security Posture Management (CSPM)
๐Ÿ’ผ 9.1.2 Defender Plan: APIs
๐Ÿ’ผ 9.1.3 Defender Plan: Servers5
ย ย ย ย ๐Ÿ’ผ 9.1.3.1 Ensure that Defender for Servers is set to 'On' (Automated)1
ย ย ย ย ๐Ÿ’ผ 9.1.3.2 Ensure that 'Vulnerability assessment for machines' component status is set to 'On' (Manual)1
ย ย ย ย ๐Ÿ’ผ 9.1.3.3 Ensure that 'Endpoint protection' component status is set to 'On' (Manual)1
ย ย ย ย ๐Ÿ’ผ 9.1.3.4 Ensure that 'Agentless scanning for machines' component status is set to 'On' (Manual)1
ย ย ย ย ๐Ÿ’ผ 9.1.3.5 Ensure that 'File Integrity Monitoring' component status is set to 'On' (Manual)1
๐Ÿ’ผ 9.1.4 Defender Plan: Containers1
ย ย ย ย ๐Ÿ’ผ 9.1.4.1 Ensure That Microsoft Defender for Containers Is Set To 'On' (Automated)1
๐Ÿ’ผ 9.1.5 Defender Plan: Storage1
ย ย ย ย ๐Ÿ’ผ 9.1.5.1 Ensure That Microsoft Defender for Storage Is Set To 'On' (Automated)1
๐Ÿ’ผ 9.1.6 Defender Plan: App Service1
ย ย ย ย ๐Ÿ’ผ 9.1.6.1 Ensure That Microsoft Defender for App Services Is Set To 'On' (Automated)1
๐Ÿ’ผ 9.1.7 Defender Plan: Databases4
ย ย ย ย ๐Ÿ’ผ 9.1.7.1 Ensure That Microsoft Defender for Azure Cosmos DB Is Set To 'On' (Automated)1
ย ย ย ย ๐Ÿ’ผ 9.1.7.2 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On' (Automated)1
ย ย ย ย ๐Ÿ’ผ 9.1.7.3 Ensure That Microsoft Defender for (Managed Instance) Azure SQL Databases Is Set To 'On' (Automated)1
ย ย ย ย ๐Ÿ’ผ 9.1.7.4 Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On' (Automated)1
๐Ÿ’ผ 9.1.8 Defender Plan: Key Vault1
ย ย ย ย ๐Ÿ’ผ 9.1.8.1 Ensure That Microsoft Defender for Key Vault Is Set To 'On' (Automated)1
๐Ÿ’ผ 9.1.9 Defender Plan: Resource Manager1
ย ย ย ย ๐Ÿ’ผ 9.1.9.1 Ensure That Microsoft Defender for Resource Manager Is Set To 'On' (Automated)1
๐Ÿ’ผ 9.1.10 Ensure that Microsoft Defender for Cloud is configured to check VM operating systems for updates (Automated)1
๐Ÿ’ผ 9.1.11 Ensure that Microsoft Cloud Security Benchmark policies are not set to 'Disabled' (Manual)1
๐Ÿ’ผ 9.1.12 Ensure That 'All users with the following roles' is set to 'Owner' (Automated)1
๐Ÿ’ผ 9.1.13 Ensure 'Additional email addresses' is Configured with a Security Contact Email (Automated)1
๐Ÿ’ผ 9.1.14 Ensure that 'Notify about alerts with the following severity (or higher)' is enabled (Automated)1
๐Ÿ’ผ 9.1.15 Ensure that 'Notify about attack paths with the following risk level (or higher)' is enabled (Automated)1
๐Ÿ’ผ 9.1.16 Ensure that Microsoft Defender External Attack Surface Monitoring (EASM) is enabled (Manual)1
๐Ÿ’ผ 9.1.17 [LEGACY] Ensure That Microsoft Defender for DNS Is Set To 'On' (Automated)